Back with a problem. A friend says that she has Vista Smart Security on her Comp ant that it gives her constant warnings… I never heard of this but a quick google search reveals that it’s a malware.
There is no thread on the forum about this so this is a first. I don’t have access to her comp but I can provide her with instructions.
She has Windows Vista with Bit Defender as her Anti-virus and MBAM as a second scanner. She is willing to install Avast but I’m not pushing unless it really helps.
MBAM doesn’t pick up anything.
Is there an uninstaller available for this malware? Can some one provide a link?
She has Windows Vista with Bit Defender as her Anti-virus and MBAM as a second scanner. She is willing to install Avast but I'm not pushing unless it really helps.
Vista Smart Security is a rogue anti-spyware program that uses misleading advertising to make you think that your computer is infected with malware and that you should purchase the program to remove the infections. The rogue program comes from fake online scanners or misleading video sites. It may be also promoted on popular social networks. Of course, it may also enter a computer through system vulnerabilities. One way or another, the main goal of Vista Smart Security remains the same - to trick you into purchasing the program. Don't buy it! Instead, please follow the removal instructions below to remove Vista Smart Security from your computer upon detection.
I don’t know if this is on avast’s radar, but I would have thought that MBAM a specialist program (used to be called RogueRemover) should be able to detect and remove this. Ensure that she has a) the latest version of MBAM and b) the latest signatures.
She says, that MBAM picked up some things which she quarantined, and that diminished the number of unsolicited pop-up windows she gets but it’s not altogether clear if the program was removed or not.
MBAM is up to date so it is something it’s not picking up.
I’ll be able to know more in a few days.
Would switching to avast help? She paid for a one year license for Bit Defender so she is not too eager to switch.
Regardless, I’ll wait to see the feedback I get from the proposed methods and report back.
I honestly don’t know, as there is another topic that I have seen that refers to av.exe and or ave.exe, the files mentioned in the manual removal that I posted.
Check out the bleepingcomputer.com link I gave as I’m sure that mentions using MBAM.
Short of that it is manual removal, stopping the av.exe ave.exe processes and checking the registry, which isn’t for the faint-hearted or without risk.
You could try SAS also: SUPERantispyware On-Demand only in free version.[/li]
Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
I am fearful it may come down to a manual uninstall. However I am using SAS free and have for some time. I recommended MBAM because it seems more user friendly. I’ll suggest she use SAS as well in case all goes wrong and if that fails I’ll try and do the manual uninstall myself.
Well SAS has some nice repair functions, under the Preferences, Repairs tab. The reason I mention it is that some of the registry entries in that manual fix relate to blocking certain functions. So that may be some help.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center “AntiVirusOverride” = “1”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center “FirewallOverride” = “1”
These stop the WSC reporting when your firewall or AV is disabled.
OK so here is the conclusion to this thread.
The computer is now clean and working better than before. The latest scans with Avast, SAS and MBAM reveal no infections. SAS and MBAM were good but I think Avast was the only one who managed to remove the ave.exe via the Boot-up Scan.
I did not try Free DrWeb and since there are no indicators of infections I’m not planing on running it.
Two last things to be mentioned.
Appologies for lateness in the reply.
Many, many thanks to: DavidR (5/5), Pondus and mikaelrask for helping out.